I have two SP initiated relying parties that this happens to. These parties both work on my QA servers. When I try in production, I get a generic "HTTP Error 400. The request URL is invalid." The URL in my browser when this happens is something like:
/adfs/ls/&authInProgress=s36_AQPNWxO4DZoJr3O3tCxLUy91GfRBsv36CX_j6KgkNyMDm_xdyV7zFHchkyYfqiMOJlwM6DL5j_x9enFjq-o6HLXfnSuawKn8s5ok2S72mkSGh6SD3OvOdqtpqECpSv2FRMFM2pJ3XTrkJOc5fKklh2PONPiOt67Vq-F4CypD9vf85PgKpIfZUP7uCBc5isAxGw7WvclQT4savAuJ07Qm3nlpJd2a-ZAV-WkDt81S8UVt4icMtWaM6tRejkt6vFfCT_L3E-QOGgXMFmO1iCQI4f-RUMoXkl7jwfDUfuPOmOpfCkxtTzHct9Cfcmia5RJpXcUJobwlmmQUxKn7KQ
If I change the ampersand in /adfs/ls/&authInProgress to a ?, and hit enter, I am logged into the relying party. Not sure where this &authInProgress is coming from. I used fiddler to see if my QA environment has a step like this, but it doesn't.
Now, one of these was working in production before (didn't try adding the second until after the problem started). I did install a bunch of security updates, so I'm hoping someone out there will tell me this is a known issue with ADFS & a certain update. Didn't find anything on Google along those lines.